MAS updates e-payment guidelines to better safeguard against fraud

The guidelines will come into effect on June 30, 2019, and will apply to banks, insurance providers and firms with stored-value facilities.
The guidelines will come into effect on June 30, 2019, and will apply to banks, insurance providers and firms with stored-value facilities.PHOTO: REUTERS

SINGAPORE – The Monetary Authority of Singapore (MAS) has revised a new rule that requires financial institutions to send alerts to consumers for every e-payment transaction above $0.01.

In its update issued on Thursday (April 25), the MAS said that consumers will be able to set their own limits.

The updated guidelines will come into effect on June 30 this year and will apply to banks, insurance providers and firms with widely-accepted stored-value facilities including EZ-Link and Nets. Grab and Singtel may come under the Payment Services Act, which will take effect as early as the end of this year.

Fraud is a rising concern as more people now use e-wallets such as PayLah!, GrabPay and Singtel Dash.

First issued last September, the guidelines also contain new measures to better balance risky user behaviour with the potentially large losses that financial institutions are exposed to. 

From June 30 this year, consumers can claim up to $1,000 from the bank if they are able to prove that they are not negligent in any way that could have contributed to unauthorised transactions. 

This threshold was set as e-wallets have a stored-value and transaction limit of $1,000, and banks typically require more checks for transactions more than $1,000.
 

 

This new measure will place an existing blanket rule that allows consumers found to be careless but not reckless in contributing to unauthorised transactions to be liable for only up to $100. 

Careless behaviour includes misplacing a mobile phone or accidentally giving away passwords, and the onus is now on banks to prove that users are reckless.

Under the new guidelines, users are also expected to provide updated contact information to banks and monitor transaction notifications to spot suspicious activities early.

Users must also have good cyber security habits such as installing the latest software updates and patches for their mobile phones and computers used in e-payments.

If unauthorised transactions are detected, users must report them as soon as possible, cooperate with the financial institutions promptly, and report the matter to the police if the institutions require police reports.

Otherwise, consumers may be liable for unauthorised transactions.

As for financial institutions, the new guidelines require them to investigate transaction disputes quickly and provide a detailed investigation report within 21 days for straightforward cases, and 45 days for complex ones.

The new guidelines will not apply to scams, which will be investigated for fraud.

They will also not apply to unauthorised payments made directly on credit cards, debit cards, and charge cards as there are existing guidelines in place for these payments.

Correction note: MAS clarified that Grab and Singtel do not come under the e-payment guidelines that will kick in on June 30 even though they offer stored-value facilities.